Lucene search
K

180 matches found

BDU FSTEC
BDU FSTEC
added 2020/12/18 12:0 a.m.6 views

The vulnerability of the WAGO Ethernet controller, related to deficiencies in authentication procedures, allows a perpetrator to alter certain special parameters without being authenticated.

The vulnerability of the WAGO Ethernet controller is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to modify certain special parameters without being authenticated...

9.4CVSS7.5AI score0.01247EPSS
Exploits0References4
OSV
OSV
added 2020/10/13 5:15 p.m.5 views

CVE-2020-17409

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR R6120, R6080, R6260, R6220, R6020, JNR3210, and WNR2020 routers with firmware 1.0.66. Authentication is not required to exploit this vulnerability. The specific flaw exists...

6.5CVSS6.5AI score0.00688EPSS
Exploits0References2
Prion
Prion
added 2020/10/07 9:15 p.m.12 views

Authentication flaw

SoPlanning before 1.47 doesn't correctly check the security key used to publicly share plannings. It allows a bypass to get access without authentication...

4.3CVSS5.3AI score0.02759EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2020/07/22 11:15 p.m.9 views

CVE-2020-10917

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NEC ESMPRO Manager 6.42. Authentication is not required to exploit this vulnerability. The specific flaw exists within the RMI service. The issue results from the lack of proper validation of...

9.8CVSS7.7AI score0.05574EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2020/04/28 4:3 p.m.3 views

bluez: failure in disabling Bluetooth discoverability in certain cases may lead to the unauthorized pairing of Bluetooth devices

A bug in Bluez may allow for the Bluetooth Discoverable state being set to on when no Bluetooth agent is registered with the system. This situation could lead to the unauthorized pairing of certain Bluetooth devices without any form of authentication...

4.5CVSS5.8AI score0.00458EPSS
Exploits1References4
CNVD
CNVD
added 2020/04/09 12:0 a.m.1 views

Samsung Mobile Device Access Control Error Vulnerability

Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. The Samsung Mobile Device Access Control Error vulnerability can be exploited by an attacker to access Gallery albums in Secure Folder without authentication...

7.5CVSS6.8AI score0.00429EPSS
Exploits0References1
CNVD
CNVD
added 2020/03/26 12:0 a.m.3 views

Teradici PCoIP Management Console Security Vulnerability

Teradici PCoIP Management Console is a console program for managing PCoIP clients from Teradici Canada. A security vulnerability exists in Teradici PCoIP Management Console versions 20.01.0 and 19.11.1. The vulnerability can be exploited by an attacker to reset a password without authentication...

8.1CVSS7.2AI score0.01439EPSS
Exploits1
CNVD
CNVD
added 2020/03/25 12:0 a.m.1 views

Samsung Mobile Device Authorization Issue Vulnerability (CNVD-2020-32862)

Android is a free and open source operating system from Google based on the Linux kernel without GNU components. An authorization issue vulnerability exists in Samsung mobile devices, which can be exploited by attackers to modify USB configuration without authentication...

7.5CVSS6.6AI score0.0036EPSS
Exploits0References1
CNVD
CNVD
added 2020/03/25 12:0 a.m.3 views

Unspecified Vulnerability in Samsung Mobile Devices (CNVD-2020-30406)

Android is a free and open source operating system from Google based on the Linux kernel without GNU components. An unspecified vulnerability exists in Samsung mobile devices, which can be exploited by attackers to modify security settings without authentication...

7.5CVSS6.5AI score0.00333EPSS
Exploits0References1
OSV
OSV
added 2020/03/24 8:15 p.m.5 views

CVE-2019-20595

An issue was discovered on Samsung mobile devices with P9.0 software. Quick Panel allows enabling or disabling the Bluetooth stack without authentication. The Samsung ID is SVE-2019-14545 July 2019...

2.4CVSS5.8AI score0.00136EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2020/01/23 12:0 a.m.8 views

PT-2020-6770 · Unknown · Centos Web Panel

Name of the Vulnerable Software and Affected Versions: CentOS Web Panel versions cwp-e17.0.9.8.923 Description: The issue is related to the implementation of the ajax mod security.php script in CentOS Web Panel, where the archivo parameter does not properly neutralize special elements in...

10CVSS9.5AI score0.08411EPSS
Exploits0References5
CNVD
CNVD
added 2019/12/10 12:0 a.m.2 views

Unspecified vulnerability in Anviz access control devices (CNVD-2019-44971)

Anviz access control devices is an access control device from Anviz China. A security vulnerability exists in Anviz access control devices. The vulnerability can be exploited by an attacker to change the administrator password without authentication...

9.8CVSS7AI score0.02099EPSS
Exploits0References1
OSV
OSV
added 2019/11/20 5:15 a.m.3 views

CVE-2019-15073

An Open Redirect vulnerability for all browsers in MAIL2000 through version 6.0 and 7.0, which will redirect to a malicious site without authentication. This vulnerability affects many mail system of governments, organizations, companies and universities...

6.1CVSS6.2AI score
Exploits0References6
OpenVAS
OpenVAS
added 2019/08/27 12:0 a.m.151 views

MikroTik RouterOS File Deletion Vulnerability (CVE-2019-15055)

MikroTik RouterOS is prone to an authenticated file deletion vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

6.5CVSS6.4AI score0.02233EPSS
Exploits1References4
OSV
OSV
added 2019/07/19 11:15 p.m.6 views

DEBIAN-CVE-2019-12815

An arbitrary file copy vulnerability in modcopy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a related issue to CVE-2015-3306...

9.8CVSS7.8AI score0.57606EPSS
Exploits1References1
OSV
OSV
added 2019/07/19 11:15 p.m.3 views

UBUNTU-CVE-2019-12815

An arbitrary file copy vulnerability in modcopy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a related issue to CVE-2015-3306...

9.8CVSS7AI score0.57606EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2019/01/29 12:0 a.m.7 views

PT-2019-9479 · Comodo · Comodo Utm Firewall

Name of the Vulnerable Software and Affected Versions: Comodo UTM Firewall versions prior to 2.7.0 Description: The issue allows remote attackers to execute arbitrary code without authentication via a crafted URL. This is related to the Web Console in Comodo UTM Firewall. Recommendations: For...

9.8CVSS9.7AI score0.83912EPSS
Exploits4References5
CNVD
CNVD
added 2018/08/21 12:0 a.m.3 views

daveismyname simple-cms authentication flaw vulnerability

daveismyname simple-cms is a content management system CMS. A security vulnerability exists in daveismyname simple-cms on 2014-03-11 and earlier versions, which stems from adding pages without authentication. An attacker can exploit the vulnerability to add pages...

8.8CVSS8.7AI score0.0057EPSS
Exploits1References1
OSV
OSV
added 2018/06/05 2:29 p.m.5 views

CVE-2016-9490

ManageEngine Applications Manager versions 12 and 13 before build 13200 suffer from a Reflected Cross-Site Scripting vulnerability. Applications Manager is prone to a Cross-Site Scripting vulnerability in parameter LIMIT, in URL path /DiagAlertAction.do?REQTYPE=AJAX&LIMIT=1233. The URL is also...

6.1CVSS5.8AI score0.01732EPSS
Exploits0References4
CNVD
CNVD
added 2017/11/24 12:0 a.m.3 views

Pelco Sarix Pro Network Camera set_param Program Has an Override Access Vulnerability

pelco Sarix Professional is a video camera. An override access vulnerability exists in the pelco Sarix Pro network camera setparam program. The vulnerability allows attackers to remotely enable ssh services without authentication to take full control of the camera...

7.1AI score
Exploits0
Rows per page
Query Builder